Security researcher Zoltan Balazs has developed a remote-controlled piece of malware that functions as a browser extension and is capable of modifying Web pages, downloading and executing files, hijacking accounts, bypassing two-factor authentication security features enforced by some websites, and much more.
Balazs, who works as an IT security consultant for professional services firm Deloitte in Hungary, created the proof-of-concept malware in order to raise awareness about the security risks associated with browser extensions and as a call to the antivirus industry to take this type of threat more seriously.